Information Security Policy
Founded 2023, Teachec creates interactive, personalized, and adaptive e-learning technology for eCommerce and marketing, setting new standards for online education. Our mission is to empower individuals and businesses to excel in the digital marketplace.
At Teachec we are very committed to Information Security. meaning that our framework of policies and procedures that includes all legal, physical and technical controls involved in an our information risk management processes adhere to this world-wide renowned high standard.
Information security is an important aspect of our business in all aspects: we need to protect the data from our customers, users and ourselves.
Our Information Security Policy describes the information security management system (or ISMS) that our company uses. Anyone in our company (or at key positions at suppliers) that is handling confidential or sensitive data should be aware of this policy and act in accordance with it. The entire management team of our company has been involved in creating this policy.
Â
1. Policy Statement
1.1. Information Classification
Information is classified into three categories:
Confidential: Information that requires the highest level of protection and is disclosed only to authorized personnel. This includes, but is not limited to, customer data, financial records, and proprietary information.
Internal Use: Information for internal use only, which should not be shared outside the organization without proper authorization.
Public: Information that is suitable for public consumption and does not require special protection.
1.2. Access Control
Access to information is restricted to authorized individuals only. Users will be assigned unique credentials, and access permissions will be granted based on the principle of least privilege, ensuring that individuals have access only to information necessary for their job functions.
1.3. Data Protection
All sensitive information will be encrypted, whether at rest or in transit, to prevent unauthorized access or interception.
1.4. Incident Response
Procedures will be in place to report and respond to security incidents. All employees are responsible for reporting any suspected or confirmed breaches or security incidents promptly.
1.5. Security Awareness
Employees will receive training on information security best practices, and the organization will promote a culture of security awareness.
1.6. Compliance
The organization will comply with all relevant laws, regulations, and industry standards related to information security, including GDPR, HIPAA, or other applicable regulations.
2. Responsibilities
All employees, contractors, and third-party vendors have a shared responsibility for information security. Key responsibilities include:
Complying with this policy and related procedures.
Reporting any security incidents or breaches.
Safeguarding access credentials and information.
3. Enforcement
Violations of this policy may result in disciplinary action, up to and including termination of employment or legal action. Enforcement of this policy is the responsibility of the Information Security Officer or designated individuals.
4. Review and Revision
This Information Security Policy will be reviewed regularly and updated to address evolving security threats and organizational changes.
5. Contact Information
For any questions, concerns, or reporting of security incidents, please contact “contac@teachec.com”
